This report is auto-generated from the latest RBAC Atlas scan (2026-06-18). It analyzes the RBAC permissions of 257 Kubernetes open-source projects across 26501 manifest versions to provide a snapshot of the current cloud-native threat landscape.
At a Glance
| Metric | Value |
|---|
| Projects analyzed | 257 |
| Total manifest versions | 26501 |
| Avg service accounts per project | 2.11 |
| Avg permission bindings per project | 30.7 |
| Avg workloads per project | 3.47 |
| Avg critical risks per project | 3.5 |
| Avg high risks per project | 3.39 |
| Avg medium risks per project | 2.24 |
| Avg low risks per project | 21.56 |
| Projects with critical risks | 171 |
| Projects with no RBAC permissions | 54 |
Risk Distribution
| Risk Level | Count | Percentage |
|---|
| Critical | 900 | 11.41% |
| High | 872 | 11.05% |
| Medium | 576 | 7.3% |
| Low | 5542 | 70.24% |
| Total | 7890 | |
Top 10 RBAC Risk Tags
Top 10 Triggered Risk Rules
| Rule | Occurrences |
|---|
| Base Risk Level - Low | 6976 |
| Base Risk Level - High | 735 |
| Read ConfigMaps in a namespace | 260 |
| Read secrets in a namespace | 244 |
| Read secrets cluster-wide | 190 |
| Base Risk Level - Medium | 177 |
| Read ConfigMaps cluster-wide | 162 |
| Modify ConfigMaps in a namespace | 156 |
| List Namespaces (Cluster Reconnaissance) | 142 |
| Read RBAC configuration cluster-wide | 137 |
Top 10 Riskiest Projects
Ranked by weighted risk score (critical×10 + high×5 + medium×2 + low×1), using only the latest version of each project.
Top 10 Projects by Permission Count
